Blog Categories:

In a recent twist, scam artists are using the phone to try to break into your computer. They call claiming to be computer techs associated with well-known companies like Microsoft. They say that they’ve detected viruses or other malware on your computer to trick you into giving them remote access or paying for software you don’t need. But the purpose behind their elaborate scheme isn’t to protect your computer – it’s to steal your identity or/and to make money.

How Tech Support Scams Work

Scammers have been peddling bogus security software for years. They set up fake websites, offer free “security” scans*, and send alarming messages to try to convince you your computer is infected. Then, they try to sell you software to fix the problem. At best, the software is worthless or available elsewhere for free. At worst, it could be malware — software designed to give criminals access to your computer and your personal information.

The latest version of the scam begins with a phone call. Scammers can get your name and other basic information from public directories. They often try to gain your trust by pretending to be associated with well-known companies or confusing you with a barrage of technical terms. They may ask you to go to your computer and perform a series of complex tasks. Sometimes, they target legitimate computer files and claim they are viruses. Their tactics are designed to scare you into believing they can help fix your “problem.”

Once they’ve gained your trust, they may:

Ask you to give them remote access to your computer and then make changes to your settings that could leave your computer vulnerable.

Try to enroll you in a worthless computer maintenance or warranty program.

Ask for credit card information so they can bill you for phony services — or services you could get elsewhere for free.

Trick you into installing malware that could steal sensitive data, like user names and passwords.

Direct you to websites and ask you to enter your credit card number and other personal information.

Regardless of the tactics they use, their purpose is to steal your identity or/and to make money.

If You Get a Call

If you get a call from someone who claims to be a tech support person, hang up and call the company yourself on a phone number you know to be genuine. A caller who creates a sense of urgency or uses high-pressure tactics is probably a scam artist.

Keep these other tips in mind:

Don’t give control of your computer to a third party who calls you out of the blue.

Do not rely on caller ID alone to authenticate a caller. Criminals spoof caller ID numbers.

If you want tech support, look for a company’s contact information on their software package or on your receipt.

Never provide your credit card or financial information to someone who calls and claims to be from tech support.

If a caller pressures you to buy a computer security product or says there is a subscription fee associated with the call, hang up. If you’re concerned about your computer, call your security software company directly and ask for help.

Never give your password on the phone. No legitimate organization calls you and asks for your password.

If you think you might have downloaded malware from a scam site or allowed a cybercriminal to access your computer, don’t panic. Instead:

Get rid of malware*. Update or download legitimate security software and scan your computer. Delete anything it identifies as a problem.

Change any passwords you gave out. If you use these passwords for other accounts, change those accounts, too.

If you paid for bogus services with a credit card, call your credit card provider and ask if they can reverse the charges. Check your statements for any other charges you didn’t make, and ask to reverse those, too.

If you believe someone may have accessed your personal or financial information, visit the FTC’s identity theft website*. You can minimize your risk of further damage and repair any problems already in place.

If you paid for tech support services, and you later get a call about a refund, don’t give out any personal information. The call is almost certainly another trick to take your money.

The refund scam* works like this: Several months after the purchase, someone might call to ask if you were happy with the service. When you say you weren’t, the scammer offers a refund. Or, the caller may say the company is going out of business and providing refunds for “warranties” and other services.

In either case, the scammers eventually ask for a bank or credit card account number. Or they ask you to create a Western Union account. They might even ask for remote access to your computer to help you fill out the necessary forms. But instead of putting money in your account, the scammers withdraw money from your account. If you get a call like this, hang up, and report it at ftc.gov/complaint*.

Conclusion

You don’t need to be a victim of a tech support scam. Learn how these scams work, so you can detect them for what they are and protect yourself.

While large firms may have sophisticated technology and staff dedicated to thwarting crime, many small businesses don't — and scammers know this. Here are ways to protect yourself:

Be on guard against inside jobs. This includes employee theft or misuse of cash, merchandise or equipment as well as fraud. "Minimize risks through steps such as pre-employment background checks, automated inventory tracking systems, audits, and clearly outlined policies for personal use of computers and other business equipment," said Luke W. Reynolds, chief of the FDIC's Outreach and Program Development Section. "Also, carefully select who handles revenue from customers, pays the bills and reviews account statements. And, ensure that there are procedures in place to detect and deter fraud."

Watch out for fraudulent transactions and bills. Scams can range from consumer payments with a worthless check or a fake credit or debit card to fraudulent returns of merchandise. Be sure you have insurance to protect against risks. Also ignore offers to buy lists of federal grant programs. To learn more about protecting your business, consult your local Small Business Administration District Office*.

Electronic fraud by third parties can be very costly to businesses, so take them seriously. The FDIC has seen an increase in reports of unauthorized electronic transfers made from bank accounts held by small businesses.

"The most common and dangerous scam for small businesses is account takeover," said Michael Benardo, chief of the FDIC's Cyber-Fraud and Financial Crimes Section. "By sending fake emails and using fake websites to deliver malicious software, such as keystroke loggers, fraudsters may be able to obtain the IDs and passwords for online bank accounts and then make withdrawals from accounts."

According to federal law enforcement, businesses are increasingly targeted by business email compromise (“BEC”) fraud where perpetrators, posing as business executives or vendor partners, use compromised or spoofed email accounts to request fraudulent wire transfers or make changes in payment instructions for invoices. Federal agencies recommend separately confirming such communications and not relying solely on email to conduct financial transactions.

Because businesses are generally not covered by federal consumer protections against unauthorized electronic fund transfers, a bank likely will not be responsible for reimbursing losses associated with the theft from the account if it says that negligence on the part of the business, such as falling for a common scam, was a factor.

Also equip your computers with up-to-date anti-virus software and firewalls (to block unwanted access). Make backup copies of critical business data on every computer. Also monitor account balances regularly, perhaps daily, to look for suspicious or unauthorized activity.

And, don't click on links in or attachments to an unsolicited email that asks for confidential information, even if it appears to be from a company you do business with or the government. Legitimate organizations won't request that kind of information in an email. When in doubt, go to another source to find the organization's contact information so you can independently confirm the validity of the request.

Be proactive about protecting your small business from ill-intentioned people by learning what scams they use and how to not fall victim to those tactics.

Links marked with * go to a third-party site not operated or endorsed by Arvest Bank, an FDIC-insured institution.

Tips for a safer shopping experience and additional ideas to help avoid identity theft.

LOWELL, Ark. – In addition to being one of the biggest shopping months of year, December is also Identity Theft Prevention and Awareness Month.

Because an increasing number of people shop online in addition to traditional means, it is critical consumers know how to help protect themselves from identity thieves. These attacks not only can ruin the holiday shopping experience, but have disastrous and long-lasting effects on credit and bank accounts long after the holidays have passed.

The Bureau of Justice Statistics estimated that more than 17 million U.S. residents age 16 or older were victims of at least one incident of identity theft in 2014.

Below are some tips created by the Federal Trade Commission that can help consumers avoid such an unfortunate event.

- Lock your financial documents and records in a safe place at home, and lock your wallet or purse in a safe place at work.

- Limit what you carry. When you go out, take only the identification, credit, and debit cards you need. Leave your Social Security card at home.

- Before you share information at your workplace, a business, your child's school, or a doctor's office, ask why they need it, how they will safeguard it, and the consequences of not sharing.

- Take outgoing mail to post office collection boxes or the post office. Promptly remove mail that arrives in your mailbox. If you won’t be home for several days, request a vacation hold on your mail.

- Before you dispose of a computer, get rid of all the personal information it stores. Use a wipe utility program to overwrite the entire hard drive.

- Before you dispose of a mobile device, check your owner’s manual, the service provider’s website, or the device manufacturer’s website for information on how to delete information permanently, and how to save or transfer information to a new device.

- Keep your browser secure. To guard your online transactions, use encryption software that scrambles information you send over the internet. A “lock” icon on the status bar of your internet browser means your information will be safe when it’s transmitted. Look for the lock before you send personal or financial information online.

- Use strong passwords with your laptop, credit, bank, and other accounts. Be creative: think of a special phrase and use the first letter of each word as your password. Substitute numbers for some words or letters. For example, “I want to see the Pacific Ocean” could become 1W2CtPo.

- If you post too much information about yourself via social media, an identity thief can find information about your life, use it to answer ‘challenge’ questions on your accounts, and get access to your money and personal information. Consider limiting access to your networking page to a small group of people. Never post your full name, Social Security number, address, phone number, or account numbers in publicly accessible sites.

- Keep a close hold on your Social Security number and ask questions before deciding to share it. If someone asks you to share your SSN or your child’s, ask: why they need it, how it will be used, how they will protect it, and what happens if you don’t share the number.

- Don’t open files, click on links, or download programs sent by strangers. Opening a file from someone you don’t know could expose your system to a computer virus or spyware that captures your passwords or other information you type.

- Before you send personal information over your laptop or smartphone on a public wireless network in a public place, see if your information will be protected. If you use an encrypted website, it protects only the information you send to and from that site. If you use a secure wireless network, all the information you send on that network is protected.

- Keep financial information on your laptop only when necessary. Don’t use an automatic login feature that saves your user name and password, and always log off when you’re finished.

For more extensive information on privacy and identity protection, visit www.ftc.gov* and look for the ‘Tips & Advice’ tab. If you’re interested in the kind of identity-theft protection that includes theft-resolution and file-monitoring services, Arvest offers Family IDProtect® with some of its checking accounts. To learn more about Arvest Bank and Family IDProtect®, visit www.arvest.com and select Family IDProtect® under the ‘Personal’ tab.

Links marked with * go to a third-party site not operated or endorsed by Arvest Bank, an FDIC-insured institution.

With the holidays right around the corner, you’ll probably be taking advantage of online shopping. Use these tips to help you be smart about what sites you make purchases from.

Know who you're dealing with.

Anyone can set up shop online under almost any name. Confirm the online seller's physical address and phone number in case you have questions or problems. If you get an email or pop-up message that asks for your financial information while you’re browsing, don't reply or follow the link. Legitimate companies don't ask for information that way.

Know what you're buying.

Read the seller's description of the product closely, especially the fine print. Words like "refurbished," "vintage" or "close-out" may indicate the product is in less-than-mint condition, while name-brand items with bargain basement prices could be counterfeits.

Know what it will cost.

Check out websites that offer price comparisons and then compare "apples to apples." Factor shipping and handling into the total cost of your purchase. Do not use money transfer systems you cannot find credible information about or have experience with.

Check out the terms of the deal, like refund policies and delivery dates.

Can you return the item for a full refund if you're not satisfied? If you return it, who pays the shipping costs or restocking fees, and when will you get your order? A Federal Trade Commission (FTC) rule requires sellers to ship items as promised or within 30 days after the order date if no specific date is promised. Many sites offer tracking options, so you can see exactly where your purchase is and estimate when you’ll get it.

If you pay by credit or charge card online, your transaction will be protected by the Fair Credit Billing Act. Under this law, you can dispute charges under certain circumstances and temporarily withhold payment while the creditor investigates them. In the event someone uses your credit card without your permission, your liability generally is limited to the first $50 in charges. Some companies guarantee you won’t be held responsible for any unauthorized charges made to your card online; some cards provide additional warranty, return and purchase protection benefits.

Keep records.

Print or save records of your online transactions, including the product description and price, the online receipt, and the emails you send and receive from the seller. Read your credit card statements as you receive them; be on the lookout for charges you don’t recognize.

Protect your information.

Don't email any financial information. Email is not a secure method of transmitting financial information like your credit card, checking account or Social Security number. If you begin a transaction and need to give your financial information through an organization's website, look for indicators that the site is secure, like a URL that begins "https" (the "s" stands for secure). Unfortunately, no indicator is foolproof; some fraudulent sites have forged security icons.

Check the privacy policy.

Really. It should let you know what personal information the website operators are collecting, why and how they're going to use the information. If you can't find a privacy policy — or if you can't understand it — consider taking your business to another site that's more user-friendly.

Arvest Bank has become aware of a phone phishing scam, which some customers have experienced. In the scam the customer receives an automated phone call from a number with an 844 area code saying the customer’s card has been blocked. The message prompts the customer to enter their credit/debit card number. These calls are fraudulent and are not generated by Arvest Bank.

If you received a phone call like this and entered your personal information, please contact us immediately at (866) 952-9523, so we can protect your account.

If you received a phone call like this but did not divulge confidential information, please notify us via email at reportfraud@arvest.com. If possible, please include the phone number the call came from and the type of information asked for (e.g., card number, account number).

Phishing scams come in a variety of forms. While some are similar to this one, others come in the form of emails, customer service surveys or text messages. While it can be difficult to identify spoofed text messages, email messages, websites and automated phone systems, it is not difficult to know if any of these may be related to a fraudulent phishing scam. The key is knowing that legitimate businesses do not send messages or make automated calls to customers prompting them to divulge confidential information. If you receive such a message, or automated phone call, no matter how genuine it may appear, assume it to be fraudulent and please notify the legitimate business immediately.

Become an educated consumer to help protect yourself from ill-intentioned people who may try to skim your debit or credit card.

What is a Card Skimmer?

A card skimmer is an electronic method of capturing a victim's personal information to be used by thieves. The skimmer is a small device that scans a credit or debit card and stores the information contained in the card’s magnetic strip.

Installed Skimmers

Skimmers are often installed where you normally swipe your card – on ATMs, gas pumps and payment machines at merchants. They are difficult to see and could be just a piece of plastic over the normal card slot, but with a tiny computer inside.

Skimmers can quickly read everything they need when you use your card, and they store that information for thieves to use later. Some skimmers send the information wirelessly, which reduces risk for thieves.

In many cases, skimmers do not interfere with your transaction, so you don’t know your card number has been stolen. Your card passes right through the skimmer, and everything seems normal.

Handheld Skimmers

Skimmers can also be “mobile” devices, tucked away in a pocket. For example, when you hand your card to a dishonest waiter to pay for dinner, it only takes a second to run your card through a skimmer while walking back to the cash register.

In addition to the card reader, skimming scams often use hidden cameras and other equipment to capture your personal identification number (PIN). Popular camera locations include: in the card reader, mounted at the top of the ATM or in plastic cases holding brochures.

Another technique is to alter the keypad (possibly by placing a fake keypad over the original one) with a device that records your PIN. Heat-sensitive cameras on mobile devices can also help with figuring out your PIN.

Protect your PIN: When you enter your PIN, no matter where you are, cover your hand (with your other hand). This makes it harder for cameras to record your PIN and prevents anybody from watching what you enter.

Check for Tampering: If something looks odd, such as a different color or material, graphics that aren’t aligned correctly, or anything else that does not look right, walk away and use a different machine. Skimmers sometimes stick out an extra half-inch, but many of them are extremely well-designed and difficult to spot.

Don’t accept “help”: If you get offers to help from strangers hanging around the machine, decline the offer and leave. They may say they were having trouble also, and you just need to enter your PIN again.

We regularly monitor for unusual activity on your account and will contact you if we detect suspicious charges. If you suspect your card has been skimmed or see unauthorized charges on it, please contact us at (866) 952-9523.

By learning tactics thieves can use to skim cards, you can become more alert and help protect yourself and your cards.

Investment products and services are provided by Arvest Investments, Inc., doing business as Arvest Asset Management, member FINRA/SIPC, an SEC registered investment adviser and a subsidiary of Arvest Bank. Trust services are provided by Arvest Bank. Insurance products are made available through Arvest Insurance, Inc., which is registered as an insurance agency. Insurance products are marketed through Arvest Insurance, Inc., but are underwritten by insurance companies.
Securities and Insurance Products: Not Insured by FDIC or any Federal Government Agency, May Lose Value, Not a Deposit of or Guaranteed by a Bank or any Bank Affiliate.